Tuesday, June 26, 2018

How can I become more secure without entering master password each time?

Security, both online and offline, means everything to most of us. To attain a high level of security while on the web, users need to pay close attention to safeguarding passwords and keeping their login information private. This level of security can be accomplished by following...

1. Using Browser Password Managers

A number of password manager apps can be found—just make a search engine inquiry online to find those available. Password managers conveniently remember user's credentials, saving them and automatically filling in data every time they're needed. BUT—they are not secure! Browser password managers can expose your passwords to others who access your personal computer. Also, some browsers are not fully secure; they can simply transmit your data to unwanted third parties. Nobody wants that!

2. Enter a Master Password Each Time and/or Use 2-Step or 2-Factor Authentication

Some password managers offer maximum security by requiring the user to enter a master password every time he or she logs on to a website. Thus, the user needs only to remember one password; unique, random-generated passwords are used to access online accounts. To be sure, this is a secure method but nonetheless inconvenient. While the master password becomes the key that unlocks all online accounts, would any computer user want to enter a password with 20 random-generated characters including numbers and symbols 5 to 10 times a day? Users who have to enter passwords often tend to simplify them, thereby weakening them and making them vulnerable to being cracked. Not to be dismissed is the possibility that an unwanted intruder could peer unknown over a user's shoulder and intercept passwords. There is also the risk that a cyber spy could use a spy cam or a keystroke logger (a device using either software or hardware that monitors and records each keystroke typed on a specific computer's keyboard) to capture a user's master password.

3. Use a 2-Step or 2-Factor Authentication (2FA) with an Additional Security Code Sent with a Text Message or Email at Each Login

Alternatively, consider a hardware key such YubiKey or RSA SecurID. A hardware authentication device connects to a computer via a USB port, providing an additional limited-time security code with an embedded display. Yet, while a hardware offers a high level of security, the user is required to carry and remember yet another gadget.

4. Make a smartphone a universal key with KeyReel!

Depending upon configuration, it employs one to three factors of authentication used in various combinations for best results.

No need for master passwords or SMS/email codes—ever! Users own the passwords on their smartphones without relying on cloud or USB-device storage. Moreover, users don't necessarily need an Internet connection to access their passwords.

Users easily and securely deploy their passwords on different computers that have the KeyReel app installed. Never fret over a black hat surreptitiously intercepting credentials or stealing them with keyloggers.